<![CDATA[OpenVPN Access to LAN behind client]]>Hello,
I have no clue how to configure route for this type of setup.
Thanks.
I have the following setup:
Centos openvz vps (venet0)
OpenVPN server IP: 10.8.0.1

PFsense router Acts as OpenVPN client
Lan: 192.244.11.0/24
Openvpn client ip : 10.8.0.2
Windows client
Lan : 192.244.11.1
I want the centos Server to be able to access the LAN of the PFsense. The Windows client in the PFsense LAN needs to be able communicate with the centos Server box as well.

port 1194
proto udp
dev tun
user nobody
group nobody
persist-key
persist-tun
keepalive 10 120
topology subnet
server 10.8.0.0 255.255.255.0
client-to-client
push "route 192.244.11.0 255.255.255.0"
;route 192.244.11.0 255.255.255.0 10.8.0.1
;	-------------------------
ifconfig-pool-persist ipp.txt
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
push "redirect-gateway def1 bypass-dhcp" 
crl-verify crl.pem
ca ca.crt
cert server_g9hq31FXVL3AsXq0.crt
key server_g9hq31FXVL3AsXq0.key
tls-auth tls-auth.key 0
dh dh.pem
auth SHA256
cipher AES-128-CBC
tls-server
tls-version-min 1.2
tls-cipher TLS-DHE-RSA-WITH-AES-128-GCM-SHA256
status openvpn.log
verb 3

pfsense client

client
proto udp
remote ***************** 1194
dev tun
resolv-retry infinite
nobind
persist-key
persist-tun
remote-cert-tls server
verify-x509-name server_g9hq31FXVL3AsXq0 name
auth SHA256
auth-nocache
cipher AES-128-CBC
tls-client
tls-version-min 1.2
tls-cipher TLS-DHE-RSA-WITH-AES-128-GCM-SHA256
setenv opt block-outside-dns
verb 3
<ca>
-----BEGIN CERTIFICATE-----

-----END CERTIFICATE-----
</ca>
<cert>
Certificate:
-----BEGIN CERTIFICATE-----
BTusOrY68gxGlFw3smOloawS6xhnm4hVFWMhYg=
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
G3uB2I+MqZpoO83YsZ//HqiE4H
-----END PRIVATE KEY-----
</key>
key-direction 1
<tls-auth>
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
-----END OpenVPN Static key V1-----
</tls-auth>
]]>https://forum.netgate.com/topic/138892/openvpn-access-to-lan-behind-clientRSS for NodeWed, 11 Mar 2026 22:02:25 GMTWed, 19 Dec 2018 18:35:52 GMT60<![CDATA[Reply to OpenVPN Access to LAN behind client on Thu, 20 Dec 2018 03:14:39 GMT]]>No. I used some tutorial of PIA open vpn client.

]]>https://forum.netgate.com/post/812399https://forum.netgate.com/post/812399Thu, 20 Dec 2018 03:14:39 GMT<![CDATA[Reply to OpenVPN Access to LAN behind client on Wed, 19 Dec 2018 18:44:44 GMT]]>Did you go through one of the site-to-site examples? https://www.netgate.com/docs/pfsense/book/openvpn/index.html

As I recall the routing should be handled automatically but you'd need to add firewall rules: https://www.netgate.com/docs/pfsense/book/openvpn/allowing-traffic-over-openvpn-tunnels.html

]]>https://forum.netgate.com/post/812334https://forum.netgate.com/post/812334Wed, 19 Dec 2018 18:44:44 GMT